Taking Down The LabHost Scam: What We Know So Far

At WRS, we deal with clients who have lost money through scams, such as phishing scams, and we work to trace and recover funds lost. However, we rarely hear of cases where these schemes are stopped. In the past few weeks, one of the biggest phishing scams, LabHost, has been shut down thanks to the […]

Taking Down The LabHost Scam: What We Know So Far

At WRS, we deal with clients who have lost money through scams, such as phishing scams, and we work to trace and recover funds lost. However, we rarely hear of cases where these schemes are stopped. In the past few weeks, one of the biggest phishing scams, LabHost, has been shut down thanks to the help of legal authorities, with around 37 individuals arrested in connection with the scam so far. 

It’s believed that the LabHost scam resulted in the harvesting of around 70,000 victim’s details in the UK during its time, with 2,000 individuals being identified as criminals using LabHost’s websites. So, what do we know about the LabHost scam so far? Let’s take a closer look. 

What Is LabHost? 

LabHost was set up in 2021, offering a “phishing service” platform. This allowed criminal users to set up and run websites with the sole purpose of being used to steal information from users, such as card details, personal information, passwords and security questions and answers, also known as phishing

Criminal LabHost users were paying up to £300 per month for their memberships, with the service making it easy for those even without IT skills to set up scam sites and pages. In some instances, LabHost even provided tutorials on how to run phishing scams, ending the video with "stay safe and good spamming”. Perhaps more worryingly, LabHost users were able to request the creation of realistic-looking websites which impersonated trusted names and brands, including banks, DHL and Spotify. 

It is believed that, by the beginning of 2024, over 40,000 fraudulent websites were created using LabHost, with it providing subscribers with the fake profiles of over 170 companies that they could us to trick victims, with 47 of these companies based in the UK. Some subscribers even had “worldwide memberships” which allowed them to target international victims. It’s predicted that LabHost received just under £1 million in subscription payments during it’s time. 

The LabHost site has now been taken down as a result of the arrest and, shortly after, it’s believed that 800 of the 2,000 subscribers received communication that the police knew who they were, how much they’d paid to LabHost and how many sites they’ve created. 

Victims Of LabHost

Since the LabHost site was taken down, around 25,000 of the 70,000 affected have been contacted by police so far to tell them that their data was compromised as a result of the scam. It’s believed that detectives started looking into the LabHost scam in June 2022, after receiving information from the Cyber Defence Alliance - a group of British law enforcement and banking agencies that work together to share intelligence. Then, in November 2022, the Met arrested over 130 suspects when over 200,000 victims were identified as being scammed through fake bank calls. 

One example of a LabHost scam included victims being sent a text, pretending to be a postage provider. The text claimed that the victim had a parcel which was unable to be delivered or left safely, then prompting them to click a link that then took them to a fake webpage where they were asked to leave their personal details or make a payment to rearrange delivery. Seemingly legitimate, the site was actually a fraudulent LabHost site. 

With the ongoing LabHost operation, partners including Microsoft and Chainalysis were brought in in an effort to bring the scam platform down. The Met advises that victims contact them directly if they believe they have been the victim of the LabHost phishing scam for further advice and information. 

What To Do If You Have Been Affected By The LabHost Scam

In the UK, you are more likely to be a victim of fraud than any other crime. Fraud, and particularly phishing scams and fraud, can not only be financially devastating, but psychologically too. Along with cybercrime, fraud makes up around 50% of all crime across England and Wales. 

We know that the LabHost scam was highly advanced, operating across the globe, giving criminals the platform to create and share their own fraudulent sites and pages in a purposeful act to commit a crime. LabHost users were able to replicate legitimate and trusted websites, stealing not only money from victims, but their personal information and data, too. If you have been the victim of the LabHost scam and have received a text from the Met, then it’s best to follow the instructions given. If you have not yet been contacted, but believe you have been scammed through LabHost, then detectives are asking you to reach out to the Met directly

Unfortunately, phishing scams are hugely common and we’re seeing many cases from our clients where their banks were unable to protect them from being scammed. If you’ve been a victim of phishing scams such as the LabHost scam and your bank has been unable to reimburse you, contact the WRS team today, as we may be able to recover your lost funds.